Forefront TMG SP1 with integrated NLB: I'm unable to see both hosts in NLB manager

mbromb
mbromb used Ask the Experts™
on
I have a 2 node array with integrated NLB enabled for both external and internal networks.  There is a dedicated non load balanced intra-array network and stil l can't see both nodes when opening NLB manager.  I'm not sure if I need to make sure the firewall rules are correct or what the problem is.  Any advice is appreciated.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
There is a special system rule for array members as well as a setting, which IP is used for intra array communication.
Both array servers has to be member in the Array Server computer group.
Check the IP in System - Servers - Communication
System Policy 36 "Allow intra array communication" covers the rule for this.

Author

Commented:
OK. So, if the servers are in the "array servers" computer set than it looks like they should have all the access they need for NLB management etc...  Thank you for showing me the System policy Rules.  I'm new to ISA/TMG and I was not happy about these computer sets that seem to have rules associated and not being able to see them except maybe in the Windows Firewall rules.  I wasn't aware that I could see the System policy rules this way.

I was also confused about "all outbound traffic" while creating an access rule.  i'm now reading that to mean outbound traffic from the source.  So, i could make a rule for all outbound traffic from that server to localhost and be confident that all  ports are open to the remote server.

I think that is one of the missing links for me with this issue, and i feel confident in what they're doing.

Thanks!!

Author

Commented:
Thank You!!!!!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial